package com.windgo.controller.admin;

import com.windgo.bean.common.BaseRespVo;

import com.windgo.bean.*;
import com.windgo.config.realm.MarketToken;

import com.windgo.service.AdminService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Map;

//shiro整合之后，在做具体的开发
//响应结果都是JSON，Controller组件上我们都用@RestController注解

@RestController
@RequestMapping("admin/auth")
public class AuthController {
    @Autowired
    AdminService adminService;


    @PostMapping("login")
    public BaseRespVo<LoginUserData> adminLogin(@RequestBody Map map) {
        String username = (String)map.get("username");
        String password = (String)map.get("password");
        // TODO 写业务
        //整合shiro
        //获得操作的主体
        Subject subject = SecurityUtils.getSubject();

        try {
            subject.login(new MarketToken(username,password,"admin"));
        } catch (AuthenticationException e) {
           // e.printStackTrace();
            return BaseRespVo.failed();
        }
        //判断是否认证成功
        if (!subject.isAuthenticated()){
           return BaseRespVo.unAuthc();//TODO 为true放行，否则重定向。
        }
        //可以获得session信息，也可以获得sessionId
        // Session session = subject.getSession();
        // session.setAttribute("username",username);
        // session.setAttribute("password",password);




        //获得principle信息-->CustomRealm的doGetAuthorizationInfo方法构造的认证信息里的第一个参数
        MarketAdmin primaryPrincipal = (MarketAdmin) subject.getPrincipals().getPrimaryPrincipal();

        LoginUserData loginUserData = new LoginUserData();
        AdminInfoBean adminInfo = new AdminInfoBean();
        adminInfo.setAvatar("https://wpimg.wallstcn.com/f778738c-e4f8-4870-b634-56703b4acafe.gif");

        //todo 测试中
        adminInfo.setNickName(primaryPrincipal.getUsername());
        //adminInfo.setNickName("admin123");
        // adminInfo.setNickName(primaryPrincipal.getUsername());

        loginUserData.setAdminInfo(adminInfo);
        //loginUserData.setToken("c4d988f3-e4c5-4e46-b6ce-13b9e008ea20");
        loginUserData.setToken((String) subject.getSession().getId());
        return BaseRespVo.ok(loginUserData);
    }

    @PostMapping("logout")
    public BaseRespVo adminLogout( ){
        Subject subject = SecurityUtils.getSubject();
        subject.logout();
        return BaseRespVo.ok(0,"成功");
    }




    @RequestMapping("info")
    public BaseRespVo info(String token) {

        //先判断subject.isAuthenticated()，然后从session中获取ID

        Subject subject = SecurityUtils.getSubject();
        if (!subject.isAuthenticated()){
            return BaseRespVo.unAuthc();
        }
        // Session session = subject.getSession();
        // Serializable id = session.getId();
        // System.out.println(id);
        //todo 测试中
        MarketAdmin primaryPrincipal = (MarketAdmin) subject.getPrincipals().getPrimaryPrincipal();

        //开发完shiro之后，再整合
        InfoData infoData = new InfoData();
        //todo 测试中
        infoData.setName(primaryPrincipal.getUsername());
        // infoData.setName("admin123");

        //根据primaryPrincipal做查询
        infoData.setAvatar("https://wpimg.wallstcn.com/f778738c-e4f8-4870-b634-56703b4acafe.gif");
        ArrayList<String> roles = new ArrayList<>();
        //todo 测试中
        ArrayList<String> names = adminService.selectNameByUsername(primaryPrincipal.getRoleIds());
        //ArrayList<String> names = adminService.selectNameByRolesId(primaryPrincipal.getRoleIds());
        roles.addAll(names);
        //roles.add("超级管理员");



        infoData.setRoles(roles);
        ArrayList<String> perms = new ArrayList<>();
        //todo 测试中
        ArrayList<String> list = adminService.selecPermissionsByUsername(primaryPrincipal.getRoleIds());
        // perms.addAll(list);
        ArrayList<String> list1 = adminService.selectPermissionByPermissions(list);
       // perms.add("*");
        perms.addAll(list1);
        infoData.setPerms(perms);


        return BaseRespVo.ok(infoData);
    }
}

